Omniscia MetaSoccer Audit
Scouting Implementation Security Audit
Audit Overview
We were tasked with performing an audit of the MetaSoccer codebase and in particular their scouting facilitation contract as well as player generation mechanism.
Over the course of the audit, we were able to pinpoint certain areas of the codebase that could become more standardized but overall no significant vulnerabilities were discovered.
The codebase of the project is of a high quality and we advise the MetaSoccer team to consider all exhibits outlined to further enhance the quality of their project.
Post-Audit Conclusion
The Metasoccer team alleviated all exhibits outlined in the report and provided a response for one of the findings that was simply acknowledged.
One of the findings identified in the report was deemed invalid after discussion with the Metasoccer team and has thus been omitted from the report.
All findings were properly dealt with, however, some optimizational ones were alleviated impartially so and we advise the Metasoccer team to fully remediate them to maximize the codebase's optimality.
Contracts Assessed
Audit Synopsis
| Severity | Identified | Alleviated | Partially Alleviated | Acknowledged |
|---|---|---|---|---|
 | 0 | 0 | 0 | 0 |
 | 0 | 0 | 0 | 0 |
 | 3 | 2 | 1 | 1 |
 | 14 | 11 | 2 | 3 |
During the audit, we filtered and validated a total of 4 findings utilizing static analysis tools as well as identified a total of 13 findings during the manual review of the codebase. We strongly recommend that any minor severity or higher findings are dealt with promptly prior to the project's launch as they introduce potential misbehaviours of the system as well as exploits.
The list below covers each segment of the audit in depth and links to the respective chapter of the report: